Hello,to stop bruteforce logins to samba i want to create a fail2ban-rule which blocks IPs with to many login-errors. unfortunately used logins and IPs in samba log are scattered to multiple lines so i cant find a relation.
i use samba for wan and cant reduce to internal IPs. What ist best in my case to get better logs or stop abusing?
Thanks,Hajo
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
